Lookup answer depends on query source

Fajar A. Nugraha fajar at fajar.net
Tue Oct 14 08:08:36 UTC 2008


Jing Cao wrote:
> So if the client uses a DNS resolver, the DNS who is responsible for the
> name translation will only "view" the DNS resolve's IP, not the client's IP?
>   
Yes
> If yes, then the view in the DNS doesn't mean anything for that client.
>   
Yes, if you're interested in *exact* information.
However, in practical usage, it can give enough information for the DNS
server to acct accordingly. Using Kevin's example, if a client use a
resolver that belongs to an ISP in US, most of time you can assume that
the client is located in US. This assumption takes into account that :
- most ISPs restrict their resource (DNS resolver, SMTP server, etc.)
only for their customers
- most users will use whatever setting their ISP gives them.
There are "anomalies" though, like OpenDNS which allows queries from
anywhere.
So if a client location *estimate* is enough, resolver IP might give you
that information.

Real-world implementation example : clamav's db.local.clamav.net record,
which provides Akamai-like functionality using DNS.

> Will the DNS resolver tell the DNS who is in fact request the name
> translation?
>
>
>   

No.

>> Mr. Chow Wing Siu wrote:
>>     
>>
>>> Use-case TWO)
>>> Query source for xxxx.com from:               Lookup IP answer:
>>> 222.111.111.111 (from country A)      111.111.111.111
>>> 226.111.111.111 (from country A)      111.111.111.111
>>> 228.123.111.111 (from country A)      111.111.111.111
>>> 222.111.222.111 (from country B)      111.111.111.112
>>> 226.111.222.111 (from country B)      111.111.111.112
>>> 228.125.111.111 (from country B)      111.111.111.112
>>>
>>> Using BIND view to setup seems to be not so good.  Isn't it?
>>> Then, do anyone knows how to setup as above?
>>>
>>>       

See http://www.caraytech.com/geodns/
Again, a real-world usage example is clamav's name servers.

Regards,

Fajar




More information about the bind-users mailing list